I would like users to be logged in for 30 days.
I added in the user table the auth_key field as http://www.yiiframework.com/doc-2.0/guide-security-authentication.html
I would like to know if I need to set only the cookie lifetime or the other options too
My Settings:
'session' => [
'class' => 'yii\web\Session',
'cookieParams' => ['lifetime' => 3600*24*30]
],
'user' => [
'identityClass' => 'app\models\User',
'enableAutoLogin' => true,
],
Should I use it?
'session' => [
'class' => 'yii\web\Session',
'cookieParams' => ['lifetime' => 3600*24*30],
'timeout' => 3600*24*30
],
'user' => [
'identityClass' => 'app\models\User',
'enableAutoLogin' => true,
'authTimeout' => 3600*24*30
],
My model:
/**
* @return string current user auth key
*/
public function getAuthKey()
{
return $this->auth_key;
}
/**
* @param string $authKey
* @return bool if auth key is valid for current user
*/
public function validateAuthKey($authKey)
{
return $this->getAuthKey() === $authKey;
}
public function beforeSave($insert)
{
if (parent::beforeSave($insert)) {
if ($this->isNewRecord) {
$this->auth_key = \Yii::$app->security->generateRandomString();
}
return true;
}
return false;
}